CERTIFICATION

HOW CEH Certification can add VALUE to your RESUME

Certified Ethical Hacker (CEH) is a globally recognised qualification, which an individual obtains by proving his or her skillset of assessing the security of IT applications and networks by verifying the vulnerabilities or loopholes of the target systems, using the same methodologies, tools and techniques as a hacker, but in a lawful and legitimate manner with a due permission of IT system owners.

Information technology is an integral part of almost every business nowadays and so do Cyber Security. Using technology gives ease of access and fast processing of data, at the same time is also gives exposure to many risks which could harm the business and even lead to severe impacts sometimes. Information Technology and Cyber security going hand on hand now a days. Certified Ethical Hacker is one of the most popular certification which could help an individual to start or migrate their career in cyber security.

An IT of any organisation comprises of Network and Application, companies need to monitor and  secure both of these in order to safeguard their critical data. CEH gives a comprehensive overview of a Hacker’s mind set and methodology. We can replicate the same steps in our environment and find out loopholes which could attract any malicious user and patch them before they can get exploited.

 

 

Security Assessments has following steps:

Reconnaissance: Generally known as Recce or information gathering, of the target network or application.  This phase you collect the targets information from various public and private domains.

Network Scanning: Here we scan the networks or applications to find out the vulnerabilities or weakness in it and remember you need to do this in stealth mode else the target can identify the scan and can block your connection.

Gaining Access. Once we get the vulnerabilities you are good to enter or penetrate into the system by exploiting it and you can have even the Administrator or root access.

Maintaining Access: Here we learn how we can hide ourselves into the system by migrating to system files and then can have access for a longer time.

Covering Tracks: Once all the necessary information is captured now you would like to remove all your footprints or logs from the system so that you cannot get traced back.

Skillset of a CEH certified candidate:

  • A Certified Ethical Hacker knows multiple techniques of information gathering through different resources like publically available information, websites, social media and thus identifying the publically available weak link or the basic information of the tools and techniques used by the organisation.
  • A CEH knows various techniques to scan the network using customised commands and thus can identify the unnecessary ports or exploitable version of services present on company’s server and network
  • A CEH knows how a web application can be exploited for different kinds of vulnerabilities like SQL injection, privilege escalation, command injection, Cross site scripting (XSS), weak passwords, weak sessions etc.
  • A CEH knows how to identify vulnerabilities in Wi-Fi network and how to exploit it
  • A CEH is aware of different kinds of malwares and working methodologies of malware and also knows how to detect hidden malwares in files or software by performing reverse engineering
  • A certified CEH have a good knowledge of Cloud Computing and Internet of Things (IoT) hacking. Since IoT and Cloud Computing both are most used technologies now a days, and a CEH having good knowledge of security assessment of these can identify loopholes in these systems prior to getting exploited by a malicious user.
  • A CEH knows the security assessment techniques for mobile applications both android and is.
  • A CEH knows how the network devices like firewall, IDS, Honeypots works and how it can be exploited.
  • A CEH knows different techniques of sniffing a network and how to capture critical information travelling through networks. In this way he or she can help the organisation to find out vulnerabilities present in the network and the organisation can patch it before getting exploited.
  • A Certified Ethical Hacker knows different techniques to identify vulnerabilities which could lead to session hijacking of any web application.
  • In addition to all above skillsets a CEH also knows different tools like Nessus, Burp Suite, Wireshark, NMap, ZenMap, Metasploit , Acunetix and many tools which are commonly used in Security assessments

Scope after getting CEH

  • You can work as a Security Tester or Security analyst who is performing Vulnerability Analysis and Penetration Testing (VAPT) on web application, mobile application and networks
  • One can work as network security analyst in Security Operations Centre(SOC), where the organisations network is constantly being monitored and subsequent actions are taken against any kind of malicious traffic.
  • If you have good knack in programming languages, you can work as secure code reviewer, which is again a very demanding job nowadays.
  • If you have good knowledge of programming skills with a knowledge of ethical hacking you can work as an exploit writer. Many companies are working on this.
  • Last but not the least one can work as a freelancer Bug Bounty Hunter and can get paid well.

Ethical Hackers or Security Testers are the professionals who has very good knowledge of networks and applications, at the same time they know how to maintain security of both so that it can be safeguarded from hackers. Ethical hackers constantly test organisations applications, network devices networks and find out vulnerabilities in it and ask the IT team to patch those vulnerabilities.

Attaining cyber security skillset of along CEH certification is definitely a very good credential for one which can help anyone to lend a good job in any organisation.

Now a days many renowned companies are developing their own Cyber Security team and they also get their Infrastructure tested by third parties just to ensure on their security. While hiring a Third Party organisations are very particular about the individual’s qualification and experience, CEH certification is answer for that because it provide assurance about the candidate’s skillsets. As a whole CEH certification holds a good reputation in the industry,

#Tags:   Jobs, Hacking, Career, CV,Certification,

#Keywords: Cyber Security, CEH, Certified Ethical Hacker, Security Testing, information Security, IoTHacking,Mobile Application Hacking, Web Application Hacking

CYBER SECURITY CERTIFICATIONS FOR BEGINNERS

Information Technology has become an integral part of every business now a days irrespective of its nature and size. Information Technology brings a lot of ease of doing business at the same time it increases risk as well. Businesses are taking cyber security risks seriously which has made Cyber Security is a good career option now a days. There are multiple certification available in the market which can help anyone to get into cyber security. These certifications are blend of existing technologies and security. To become a successful Cyber Security professional one has to be good inboth networks and application. Below are few training and certification courses which any beginner can pursue to start his or her career in cyber security.

CCNA(R & S) (ROUTING AND SWITCHING)

CCNA(R&S) or Cisco Certified Network Associate is the most popular certification to start a career in IT and cyber security. This certification has global value.

Perquisites: There is no perquisite for CCNA certification. Candidates should have interest in networks and IT infrastructure

What the participants will learn?

CCNA certification training gives a deep insight of networking .It helps students to develop a complete understanding of IT networking and different kind of network topologies in order to form efficient and secure networks. It also provides deep level understanding of different routing protocols as well.

 

What are the Career option after this certification?

After successful completion of CCNA training and certification program one can start his or her career as

  • Network Associate,
  • Network Administrator
  • System administrator
  • Network Engineer
  • Technical Support Engineer

CCNA (SECURITY):

Cisco Certified Network Associate(Security)is an entry level globally recognized certification for the aspirants who are planning to build their career in Network Security and cyber security

Perquisites: CCNA(Routing and Switching)

What the participants will learn?

CCNA Security certification training helps candidates to learn secure network architecture. After training participants will be able to install, monitor and configure various network security devices like Firewall, VPN, Routers and switches, IDS, IPS

What are the Career option after this certification?

After successful completion of CCNA Security certification and training candidates can pursue their career as:

  • Network Security Engineer
  • Network Support Engineer
  • Network Security Specialist
  • Network Security Administrator
  • Network Security Analyst
  • MCSA

Microsoft Certified Solutions Associateis a globally recognised certification from Microsoft which provides great career opportunities in the field of network system and technical support. This is one of the most sought after certification in Information Technology infrastructure.

Perquisites:  There are no perquisites, however a good knowledge of network fundamental and databases will be helpful

What the participants will learn?

MCSA training and certification will help the candidates to learn installation and configuration of Windows Server 2016. Candidates will also learn Windows administration .MCSA training and certification will generate the skillsetthat focus on designing and producing technological solutions

 

What are the Career option after this certification?

  • Network Administrator
  • Database Administrator
  • Technical Support Specialist
  • Systems Administrator
  • Computer Network Specialist

 

RHCSA

Red Hat Certified System Administrator is a certification for developing skillsets in working Red Hat Enterprise Linux environment. This is also a very popular and globally recognised certification.

PerquisitesThere is no prerequisites for the certification.

What the participants will learn?

This training and certification will help the candidates to understand Linux command line environment, file and directory structures. Creation and Configuration of files and file systems using command line. Manage user and groups. Management of basic security configurations like firewalls etc.

What are the Career option after this certification?

Few of the career options are:

  • Linux System Administrator
  • System Analyst
  • System Engineer
  • Server Administrator
  • CEH

Certified Ethical Hacker is a certification from E C Council which provides an offensive approach of Cyber security i.e. how the networks and application can be hacked. This is a very popular and globally recognized certification.

Perquisites: Candidates appearing for this certification should have basic understanding of networks, servers and databases.

What the participants will learn?

Participants attending CEH training will learn about different phases of hacking like information gathering, network scanning, enumeration, attacking and how to delete footprints after successful attack. This training and certification gives you a hacker’s perspective while attack.

This program also gives a deep understanding how networks, application Wi Fi, IoT devices can be attacked by using loopholes and vulnerabilities in the existing systems.

This certification develop a basic and initial skillset of hacking(security testing) among the participants.

What are the Career option after this certification?

There are multiple career options after successful completion of CEH training and certification course. One can pursue career as:

  • Network Security Engineer
  • Security Engineer
  • Vulnerability Assessor
  • Information Security Analyst
  • Information Security Consultants
  • Cyber Security Consultant
  • Web Application Penetration Tester
  • Network Penetration Tester
  • ISO/IEC 27001 LEAD AUDITOR

ISO/IEC 27001 Lead Auditor is a globally recognised certification in the field of cyber security and information security. A certified Lead Auditor understands the mandatory requirements of information security and is well versed with the process of auditing.

Perquisites: To become ISO/IEC 27001 Lead Auditor candidates should have 2 years of Information Security Auditing experience.

What the participants will learn?

After successful completion of ISO/IEC 27001 LA program candidates will able to perform information security audits in any organisation. Candidates will learn the Information Security Management System as per ISO 27001 & all its controls and how to plan, conduct and close an audit according to ISO 19011.

What are the Career option after this certification?

Career options after this certification are:

  • Information Security Internal Auditor
  • Risk Assessor
  • Lead Auditor
  • Risk Manager
  • Information Security Consultant

 

Cyber Security scenario is rapidly changing, new technologies are coming in the market and old technologies are getting obsolete. One needs to know the basics irrespective of the technology domain in which he or she is working. One can choose the complete suite of certifications or a few certifications as per their interest. Cyber security is also about innovation where one can make their own customised solutions according to the organisations need against the current and upcoming risks.

# Keywords:  Cyber security, Information security, CEH,CCNA, ISO 27001 LA, risk, threat,MCSA, RHCSA, certification

 

# Tags:  career, jobs, cyber security, Information technology, beginner, certification.

ISO 27001: ISO 27001 is a standard that is folloVendord for the Information Security Management System (ISMS) of an organization in which, the said company’s compliance status is checked, based on which new policies are created and applied. It’s a mandate in many sectors such as companies involved in the Cyber Security domain.ISMS includes the 3 major elements of cyber security: Confidentiality, Integrity, Availability (CIA).

To ensure compliance to the CIA in terms of ISO 27k1 the companies need to

    • Audit
    • Assess the risks
    • Formulate policies
    • Implement policies
  • Continuous monitoring & Updates

The departments/processes that go through the above mentioned process are both, IT & Non IT Infrastructure of a company, but the audit of ISO 27k1 is mainly focused on the IT Infrastructure of a company.

ISO 27001 Certification:

Being ISO 27001 Certified means, the certification body that you choose for this process (PECB or IRCA), gives you an attested confirmation that your organization is compliant to all the guidelines of ISO 27k1.

Now there are two types of certifications in ISO: Individual / Organization

The process for an Individual certified professional is completely different from that of a Certified Organization, these certified professionals then move on to performing the process of certifying the organization.

Individual

Types of ISO certified Professionals

    • Lead Auditor
  • Lead Implementer

lead auditor is the one who is responsible for leading the audit team in an organization. He or she prepares the audit plan, delivers meetings and submits audit report at the end of quarter or year. Conducting audits is the main responsibility of a lead auditor and that needs to be done on a daily basis.

A Lead implementer is the one responsible for bringing the Lead auditor plan into action and makes sure all the policies are implemented and properly controlled.

Process of getting certified

According to PECB, the process for getting ISO 27k1 LA/LI certified is nearly not as lengthy for individuals as it is for the organizations.

    • Previous experience: minimum 4 years of job experience in IT is crucial, out of which at least 2 years has to be in cyber security.
    • Training & Examination: After attending 5 days of training in ISO 27k1 LA/LI, in the course outline guided by the certification body of your choice/requirement, you have to submitted a certain examination fee to the certification body, after which, an invoice in your name along with your exam question papers are prepared & sent to the authorized training center for you to attempt the exam.
  • Certification process: After attempting the certification exam, the candidate fills the certification forms in which they put in the required information, In the back-end the certification body verifies the information given by the candidates and if the compliance is there, the certificate is issued.

Organization

Continue reading

Visit Us On FacebookVisit Us On TwitterCheck Our FeedVisit Us On Linkedin